Hi, is there any good solution for using ISPConfig to secure FTP(S), Postfix, Dovecot/Courier? Currently, I've placed my purchased certs inside of /etc/ssl/ and used the software's default path to grab the certificates, but I would love to have the ability to include Let's Encrypt without the hassle of renewing manually. I could create some subdomains and copy the content of the certs, but this is again a lot of work. And if I change the config of the services to point to the SSL certs which are created under client/....ssl/, I have to renew the paths every time I update or reconfigure some services. Is there any good approach with 0 headaches?
You could create a symlink to the client/..../ssl/ certs and keep the config as is. That could be a 0 headaches solution?
@Rein van 't Veer that wouldn't work, as the names are different. The config would change when I reconfigure them or when major updates arrive which have to change the config files. Actually, the best thing would be if ISPConfig would patch them automatically and insert the right paths (and re-inject the values when there was an update).
After digging around a bit, I finally decided to go the symlink way now. As ISPConfig will save /etc/ on updates, I can quickly re-add the SSL lines into postfix.conf and dovecot.conf. I created smtpd.cert and smtpd.key symlinks inside /etc/postfix, which linked to:

    # run inside /etc/postfix; ln -s takes the target first, then the link name
    ln -s /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem smtpd.cert
    ln -s /etc/letsencrypt/live/mail.mydomain.com/privkey.pem smtpd.key

as Let's Encrypt is just fully trusted with complete chain (X3 authority alone isn't trustworthy, DST cross-signing required to prevent Thunderbird/Apple Mail alerts). I linked Dovecot to use the same symlinks inside /etc/postfix - et voila. It works. A bit hacky but fair enough for a free SSL.
When you update your ISPConfig control panel server, just answer NO to the question asking if it should generate a new SSL certificate, and your symlinks will stay intact. I accidentally answered YES there once and it did break the Let's Encrypt setup, but just recreate the symlinks again and it'll be back; I've answered NO through many updates and the symlinks stay. That's as good as you can do, and pretty tolerable, until the ISPConfig installer gets Let's Encrypt support.
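
The "recreate the symlinks" step from this thread, written as an added shell example (not code from any poster or from ISPConfig). The default paths are the ones quoted in the thread; the function names `ensure_link` and `ensure_mail_links` and the `.bak.<timestamp>` backup suffix are assumptions made for this example.

```shell
#!/bin/sh
# Added example: keep the Postfix/Dovecot cert symlinks pointing at Let's Encrypt.
# Defaults follow the paths quoted in the thread; override both to test elsewhere.
LIVE_DIR="${LIVE_DIR:-/etc/letsencrypt/live/mail.mydomain.com}"
LINK_DIR="${LINK_DIR:-/etc/postfix}"

# ensure_link TARGET LINK  (hypothetical helper)
# Prints "ok", "created" or "repaired"; returns 1 if TARGET does not exist.
ensure_link() {
    target=$1
    link=$2
    if [ ! -e "$target" ]; then
        echo "missing target: $target" >&2
        return 1
    fi
    # Already a symlink to the expected file: nothing to do.
    if [ -L "$link" ] && [ "$(readlink "$link")" = "$target" ]; then
        echo ok
        return 0
    fi
    if [ -e "$link" ] || [ -L "$link" ]; then
        # A regular file or wrong link here means something replaced our symlink,
        # e.g. an update that generated a new certificate. Keep it as a backup.
        mv "$link" "$link.bak.$(date +%Y%m%d%H%M%S)"
        ln -s "$target" "$link"
        echo repaired
    else
        ln -s "$target" "$link"
        echo created
    fi
}

# ensure_mail_links  (hypothetical helper)
# Checks both links; prints "changed" if either was touched, else "unchanged".
ensure_mail_links() {
    changed=0
    for pair in "fullchain.pem:smtpd.cert" "privkey.pem:smtpd.key"; do
        src=${pair%%:*}
        dst=${pair##*:}
        state=$(ensure_link "$LIVE_DIR/$src" "$LINK_DIR/$dst") || return 1
        [ "$state" = ok ] || changed=1
    done
    [ "$changed" -eq 1 ] && echo changed || echo unchanged
}
```

Source the file and call `ensure_mail_links` as root after an ISPConfig update; when it prints `changed`, reload Postfix and Dovecot so they pick up the restored certificate.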